In his first interview since the arrest, given a week ago, Childs contended that he did nothing illegal while working for the city and argued that his actions, depicted as criminal by prosecutors, were in line with standard network security practices. The criminal court case before him prevented him from commenting in much detail on the case, but he outlined his defense in recently filed court documents, describing a tense July 9 standoff with police and city officials.

That afternoon Childs "unwittingly" found himself in a surprise meeting in the city's Hall of Justice, where he maintained network facilities. At the meeting were his boss, DTIC Chief Operations Officer Richard Robinson, San Francisco Police Department CIO Greg Yee and human resources representative Vitus Leung. On the phone were engineers, listening in to confirm whether the passwords he gave were correct.

They were not, and within days Childs was charged with disrupting computer services and faced further counts of unauthorized network access. He faces seven years in prison if convicted.

The July 9 meeting was the culmination of a long-simmering dispute between Childs and his managers, who had been seeking administrative passwords to the network since at least February. Childs had refused to provide the passwords, apparently because he feared that they would be shared with management or outside contractors, according to court filings.

Even though it went against the orders of his supervisors, Childs was doing his job by refusing to hand over the passwords to a roomful of people, his attorney Richard Shikman argued in the filings. "The response to suspend him was arguably legal. The response to prosecute him is not," he wrote.

The Terry Childs case can seem like a cautionary tale of the power wielded by the people in charge of computer systems. Or it can seem like a poignant reminder of how dedicated employees can be thwarted at the whim of management.

Childs is no angel. He has already served four years in Kansas prison on aggravated robbery and aggravated burglary charges, stemming from an incident that occurred when he was a teenager.

Three of the charges against Childs in the San Francisco case stem from modems that were found in his office.

Prosecutors said these modems provided illegal access to the city's network, but in court filings, Childs' lawyer said they were used for work. One was set up to dial out to Childs' pager any time a problem popped up on the city's network. The second was a DSL modem that had been set up even before Childs was hired at DTIS, used to connect to the Internet and test access to the city's network. The third was for emergency use only, designed to connect city computers to a disaster recovery site so that the city's network could be up and running in the event of an emergency.

"The existence, use and nature of modems are within the scope of the employment of a network engineer," his attorney argued in court filings.

Childs may have felt justified in refusing to hand over the passwords to strangers, but obviously something happened to lead up to the tense July 9 showdown, said Bruce Schneier, a noted computer security expert and chief security technology officer at BT. "That's not a normal day at the office," he said. "It does seem strange. It feels like there is more to the story than we know."

"The passwords are owned by the city, so as an employee he's obligated to give them up to his boss," Schneier added.

If he had to do it all over again, that's exactly what Terry Childs would do. "I'd have gotten out before it came to this," he said last week. "I have a great house ... and I'm on the verge of losing it since I'm in here. I'm out of a job, and don't know what'll happen with all this."

Childs's lawyer has moved that the charges against him be dropped. A hearing on that motion is set for Feb. 27.